-
Notifications
You must be signed in to change notification settings - Fork 61
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Migrate to latest Azure container registry SDK #959
Comments
@yizha1 we are blocked by this. Azure sdk for go has limitation on the Refresh Token Client not being exposed on latest sdk. We cannot upgrade to latest stable sdk until this is resolved. We will need to postpone this post GA |
@akashsinghal Thanks for sharing this information. This means we need to keep using the current preview SDK, and figure out the upgrade path or other alternatives to solve this issue. We can discuss it further in the community meeting on 8/16/2023. |
Move to 1.1 |
Hi @akashsinghal , for new contributor to ramp up on this. Would you be able to include doc and src code links for the impact code path/user scenario. thanks! |
I believe the impacted code path are in azidentity and azureworkloadidentity. @akashsinghal to confirm if this currently cli or only the k8s scenario |
@susanshi this issue is tracking specifically the ACR SDK which is used only by oras workload identity auth provider. This issue is blocked. New versions of SDK do not expose only receiving refresh token for AAD token which is what ORAS requires as input for credential. Until a new version exposes a refresh client, we cannot proceed from Ratify side |
What would you like to be added?
Ratify’s Azure auth providers rely on a deprecated 2019 preview go sdk to authenticate with the ACR. We should refactor code and migrate to latest SDK.
Anything else you would like to add?
No response
Are you willing to submit PRs to contribute to this feature?
The text was updated successfully, but these errors were encountered: